Nansen Users Targeted in Phishing Scam Connected to Prior Data Breach

Published on:

  • Crypto analytics platform Nansen faced a phishing campaign where scammers exploited user data from a prior breach.
  • The firm has not responded to inquiries, leaving users uncertain and emphasizing the need for transparent communication during security incidents.
  • This phishing incident adds to the rising trend of attacks on crypto investors, underscoring the urgency for enhanced cybersecurity measures.

On November 23, the crypto community on X (formerly Twitter) became a concerned hub as users flagged an ongoing phishing campaign aimed at Nansen users. Scammers posing as representatives initiated a deceptive scheme by sending out fake invitations to what they claimed was an exclusive “Nansen Airdrop.” The bait was set, presenting an enticing opportunity for users to participate in an event that, in reality, did not exist.

This phishing attempt did not go unnoticed, thanks to the vigilance of crypto investigator Officer’s Notes (Officercia). Having previously warned the community about potential threats, Officercia played a crucial role in confirming the legitimacy of the phishing campaign.

Suspecting that scammers may have obtained user data from a prior third-party database leak, Officercia raised concerns about the targeted nature of the attack on users.

To comprehend the full scope of this incident, it’s essential to revisit a security breach that was encountered on September 22.

During this breach, one of its third-party vendors experienced a security incident, impacting nearly 7% of the platform’s users. The breach exposed sensitive user information, including email addresses, password hashes, and compromised blockchain addresses for some users.

What has been Nansen’s Response

Nansen responded promptly, assuring users that their wallet funds remained secure. The platform committed to identifying and notifying affected users, urging them to change their passwords promptly as a precautionary measure.

The Nansen phishing email
The Nansen phishing email was sent to Cryptocurrency investors. | PHOTO: Courtesy |

The phishing emails circulating as part of this recent attack appear to exploit the aftermath of the September breach. A red flag in the deceptive emails is the sender address, “,” which bears no relation to the legitimate Nansen analytics platform.

The phishing email employs a classic tactic, offering users a limited-time opportunity to claim a guaranteed amount of fake NANSEN tokens within the next 48 hours. Including a link in the email introduces the potential for users to be redirected to a malicious website, adding a layer of sophistication to the scam.

Officercia, in response to the phishing campaign, recommends a collective effort to combat such attacks. Users are encouraged to report suspected phishing links to databases like,, and This collaborative approach aims to diminish the success rates of phishing attempts, protecting the wider internet community.

RELATED: Phishing Attack and how it plagues blockchain security

Remarkably, Nansen has yet to respond to the phishing campaign. Its lack of a public statement leaves users uncertain, emphasizing the need for transparent communication during and after security incidents.

This incident adds another chapter to the growing narrative of phishing attacks targeting crypto investors. Recent leaks of user data from TrueCoin and FTX bankruptcy claims have further heightened concerns about the vulnerability of users to such attacks.

The exposure of sensitive information makes investors susceptible to phishing attempts, underscoring the urgency for heightened awareness and security measures within the crypto community.

In a parallel development, was embroiled in allegations of a database leak involving over 100,000 users. The company, however, vehemently denied these claims, asserting that the information in question was derived from scraping its public API and not from a security breach.

The nuanced explanation by the team illustrates the challenges in navigating claims of data breaches and emphasizes the importance of clear communication in addressing user concerns.

As phishing attacks continue to target crypto platforms and users, the significance of robust cybersecurity measures, user education, and timely responses to potential threats cannot be overstated. The crypto community must remain vigilant and proactive in safeguarding sensitive information to mitigate the risks associated with malicious activities.

In conclusion, the phishing incident serves as a poignant reminder of the evolving threat landscape in the crypto space. It highlights the interconnectedness of security breaches, phishing campaigns, and the imperative for transparent communication between platforms and users. As the crypto community navigates these challenges, a unified and proactive approach is crucial to ensuring the resilience and security of the ecosystem.


Leave a Reply

Please enter your comment!
Please enter your name here

Nathan Sialah
Nathan Sialah
Nathan Sialah is a seasoned journalist with a diverse background in digital journalism, radio broadcasting, and cryptocurrency trading. With over five years of experience in the field, Nathan has honed his skills in delivering accurate and engaging news content to a wide audience. In addition to his journalistic expertise, Nathan is a dedicated researcher in the Artificial Intelligence industry, keeping abreast of the latest advancements and trends. His multifaceted background allows him to bring a unique perspective to his reporting, covering a wide range of topics with depth and insight.